DockerCon EU 2017 Recap: Security, Kubernetes, and MTA

Hej from Copenhagen!

I’ve had the privilege of spending the last few days here at an incredible DockerCon EU. With thousands of attendees from hundreds of companies converging on the City of Spires, it’s clear that the Docker community is thriving across the world. Here are some of the highlights we saw this week.

Docker Continues to Grow by Leaps & Bounds

At his morning keynote, Steve Singh, CEO of Docker, highlighted the state of the Docker ecosystem, with 21 million hosts running Docker and more than 24 billion (!) image pulls to date. Compare this to 14 million Docker hosts and 12 billion pulls, announced just six months ago at DockerCon in Austin.

I was invited to talk about StackRox and the current state of container security with Nathan McCauley, director of security at Docker; Simon Leech, chief technologist at HPE; and other Docker security ecosystem partners, on a panel moderated by journalist Sean Michael Kerner.

Some of the topics that we covered included:

How should customers get started with securing their containers?

What aspects of container security tend to be overlooked?

What container attacks have we seen?

Nathan started by talking about how container platforms like Docker are providing built-in security capabilities, including vulnerability scanning and image signing, to help customers protect their container images. This is complemented by the threat detection and runtime enforcement that StackRox provides. Together, Docker and StackRox provide comprehensive, best-in-class security for our joint customers across the entire container lifecycle.

We also spoke about the importance of runtime security, and that threat vectors extend beyond containers to the orchestrator platform itself. CI/CD security by itself is not sufficient, and organizations need to be prepared and equipped to detect intrusions and active compromise in their container environments. Orchestrators also represent separate and distinct attack surfaces that can be compromised via unauthorized privileged access.

Simon spoke about how large enterprise organizations can bring relevant stakeholders together to initiate collaboration and achieve operational excellence when looking to secure container environments.

When it came to container exploits in the wild, I spoke about how StackRox has seen attack patterns that span code injection on web services, lateral movement, and data exfiltration. As a security community, we need to further invest in threat research and investigation to better understand the emerging threat landscape for container environments.

A StackRox Shoutout Onstage

Diogo Monica, security lead at Docker, gave a fantastic talk on how to apply lessons from Formula One car safety to modern data and infrastructure protection. As part of his talk, he also gave a special shoutout to how StackRox helps security teams understand the impact and severity of events throughout their environment, while showing the audience some screenshots of the StackRox Portal.

First, customers now have greater choice and flexibility over the orchestrator they use with the Docker platform. They may choose to run certain workloads on Kubernetes, and others on Swarm, all with a consistent management interface. Second, this combines the usability of Docker interfaces with the scalability and robustness of Kubernetes. And third, Docker’s security capabilities along the software supply chain will work with either orchestrator, enabling you to get best-in-class CI/CD security for multiple orchestration platforms.

Finnish Railways talked about how MTA is enabling more than 40% cost savings across their application portfolio. And Docker then announced a new partnership with IBM to further advance the MTA program and drive synergies with IBM Cloud.

Docker Ecosystem

Thanks to the Docker team for another great show. The ecosystem expo, keynotes, and breakouts all reflect a vibrant community that continues to push the boundaries of software.